App comparison

Add up to 4 apps below to see how they compare. You can also use the "Compare" buttons while browsing.

ZenGRC Logo

ZenGRC

4.4
(26)

Write a review

Web-based governance, risk, and compliance solution

(11)

GetApp offers objective, independent research and verified user reviews. We may earn a referral fee when you visit a vendor through our links. Learn more

ZenGRC Features

Features Summary

Functionality

4.4

/5

26

Total features

42

10 categories

ZenGRC features

API
Access Controls/Permissions
Activity Dashboard
Alerts/Notifications
Archiving & Retention
Assessment Management
Audit Management
Business Process Control

Common features of Compliance software

API
Access Controls/Permissions
Activity Dashboard
Activity Tracking
Alerts/Escalation
Archiving & Retention
Assessment Management
Audit Management

Price starts from

2500

Pricing options
Free plan
Subscription
Free trial

Screenshots

Contenders comparison

Functionality

4.4

/5

26

Price starts from

2500

learn more

Total Features

42

Unique features

  • Risk Scoring

  • Risk Reporting

  • Operational Risk Management

  • PCI Assessment

Functionality

4.5

/5

711

Price starts from

420

Per month

learn more

Total Features

76

Features in Common

10

Unique features

  • Data Mapping

  • Email Address Extraction

  • No-Code

  • Calendar Management

Functionality

4.3

/5

1K

Price starts from

19

/user

Per month

visit website

Total Features

131

Features in Common

17

Unique features

  • Content Management

  • Workflow Configuration

  • Customizable Fields

  • Electronic Payments

Common ZenGRC comparisons

ZenGRC logo
AuditBoard logo
ZenGRCvsAuditBoard
ZenGRC logo
StandardFusion logo
ZenGRCvsStandardFusion
ZenGRC logo
LogicGate Risk Cloud logo
ZenGRCvsLogicGate Risk Cloud
ZenGRC logo
NAVEX IRM (formerly Lockpath) logo
ZenGRCvsNAVEX IRM (formerly Lockpath)
ZenGRC logo
Resolver logo
ZenGRCvsResolver

Reviewers who mentioned features said:

AvatarImg
AvatarImg

Andrew W.

Computer Software, 1,001-5,000 employees

Used daily for less than 6 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

Logical and minimal approach to GRC saves time!

Reviewed 6 years ago

One of the biggest benefits that has made a huge impact is the time savings we've achieved in our IT Security group by using ZenGRC. Our old email/spreadsheet process would be a multi-week process, cause confusion every audit and often get us lost in the weeds of details when we needed to be focusing on the auditors. The first audit we ran through ZenGRC saved us literally a full week of time that would have been dedicated to reviewing evidence submission via email and spreadsheets. Having ZenGRC in place allowed us to put multiple review points in place BEFORE the evidence came to our group for review practically eliminating the requirement of follow-up request corrections.

Pros

ZenGRC brings all the tools you need to run a successful GRC program to the table in a clear, concise and minimalist package that's nimble and efficient. Our company had been utilizing the old method of email/spreadsheets and was getting lost in the weeds even on the smallest of audits and struggling to keep up each year to stay ahead. Our evaluations with other tools fell flat, didn't meet our requirements...

Cons

As with any SaaS from a small company that is new to market (less than 5 years), there are aspects of the tool that require some creative thinking and clever workarounds. This is not necessarily a dislike in my opinion, however less technical individuals may find this aspect difficult or troublesome. ZenGRC staff do redeem themselves on this front as they're quick to respond to feature requests and have already implemented several suggestions our team has submitted. Since starting to use the product, they have continually updated the product with new features, fixes and updates to existing functionality.

PM
AvatarImg

Paul M.

Telecommunications, 1,001-5,000 employees

Used daily for 2+ years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend9/10

Share this review:

Practical and straightforward approach to GRC Management

Reviewed 4 years ago

PCI Assessments became more efficient with Objects, Controls, Requests, and Evidence migrated from spreadsheets and disparate file repositories to one system with relational mapping. Mapping Risks to our Vendors and Vulnerability management programs provides a holistic view of our security posture.

Pros

The ease of use and administration is well balanced with the functionality needed in a GRC tool. ZenGRC gets the job done without being overly complicated.

Cons

To meet our Privacy and Data Governance requirements, we initially deployed on-premises. However, soon after that, we found that software upgrades required significant IT involvement. Also, the technical specifications to continue to host on-premises did not align with our internal standards. We had to re-assessing our risk in storing sensitive information off-site. After performing more stringent due diligence of ZenGRC as a vendor, we migrated to ZenGRC cloud-hosted. Our preference would have been to remain on-premises with better upgrade automation that ZenGRC Administrators could perform within the user interface.

PA
AvatarImg

Pramod A.

Financial Services, 1,001-5,000 employees

Used daily for 6-12 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend7/10

Share this review:

ZenGRC is a great workflow tool from starting a request to collect evidences and close out request.

Reviewed 7 years ago

ZenGRC is a great tool for managing different audits. I love the workflow from starting multiple requests to collecting and accepting evidences. It is reducing the manual effort of tracking requests in excel file. The audit report matrix gives a solid picture for management to track and find the status of the active audit.

Pros

No pros were added to this review

Cons

The tool needs some enhancements and bug fix to add value to the customers and be user friendly. We are actively using the tool to manage our PCI audit. There are some features that needs to be added to save time during evidence collection and verifying process. I do not think the ZenGRC has met their SLA for customer support. I hope they work on redefining their SLA for their customer.

SB
AvatarImg

Steven B.

Insurance, 5,001-10,000 employees

Used daily for 1-2 years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

Powerful, extensible, and easy to use software. Excellent support and product roadmap.

Reviewed 4 years ago

We're facilitating internal audits with ZenGRC, and the software does a great job of it.

Pros

The ZenGRC solution streamlines conducting internal audits. Auditors can easily set up control frameworks (tons of templates are provided, which is very helpful), evidence requests, assign them to auditees, and review the evidence submitted. Auditees can easily provide feedback, ask questions, and submit evidence for review. The workflows ZenGRC supports are both incredibly accessible and very powerful. ZenGRC actively listens to customers and has actually incorporated a number of suggestions I (and other customers) have made. I'm excited to see what they'll develop in the future.

Cons

The ZenGRC solution is fantastic, and all the complaints I had 1.5 years ago have been resolved, and my expectations exceeded. I wish the vendor/third party management module was receiving more attention, sooner, but the roadmap for its development has been conveyed to me, and I understand the timing. I wish there was a licensing model which was not tied to user counts, which would enable us to do even more with the product.

DA
AvatarImg

Dave A.

Computer Software, 201-500 employees

Used daily for 2+ years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

ZenGRC is a major part of our successful compliance programs

Reviewed 7 years ago

Because it's so well organized we've managed to keep the required staff to manage compliance at a minimum.

Pros

I have been using ZenGRC for over two years now and it has been an essential tool helping us get and stay organized when we embarked on gaining a SOC 2 attestation. We have since been through two SOC 2 audits and are using ZenGRC to help us assess and remediate our gaps against ISO 27001.

Cons

There's still a some things you have to edit by exporting to CSV, editing in your favorite spreadsheet app, then re-importing, so it would be nice if some of that functionality was built into the UI. That being said, that workflow is actually ideal for some tasks. Our last audit firm wasn't able to use the app directly for requesting and managing audit evidence so there was a bit of duplication of effort. The ZenGRC team is making some changes to make that better though.

AvatarImg
AvatarImg

Travis R.

Computer Software, 11-50 employees

Used weekly for 1-2 years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

ZenGRC Delivers Compliance and Automation

Reviewed 6 years ago

The immediate benefits are streamlining of processes and simplification of evidence collection. What used to be a multi-step JIRA project with a manual review, then publishing to a separate project where our auditors could view the evidence, is now a simple workflow. This is a huge timesaver and makes the audit process as painless as possible.

Pros

Simple, easy to use, despite managing complex workflows and multiple audits across ,multiple teams. Easy to import specific controls and modify existing control sets to meet our needs as necessary. Audit readiness dashboard is critical as you prepare for new compliance initiatives or are questioned on "how difficult" it would be to be to become compliant with a specific regulation or framework to close a deal.

Cons

The JIRA integration is improving in significant ways, however the complexity and manner with which we implemented JIRA makes an effective integration difficult and as a result the immediate integration is not as useful as we would like to see. That being said, the two-way sync has made a dramatic improvements, and for most customers, the existing integration is likely more than sufficient.

JG
AvatarImg

Justin G.

Gambling & Casinos, 10,001+ employees

Used weekly for 6-12 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

Great for our needs

Reviewed 4 years ago

Since our compliance team is small ZenGRC has helped us to be able to management the requirements better and be more prepared for audits. In addition when people leave and new people come on to the account team, the new person is able to pick up where the last person left off. The software helps the entire account team manage the requirements more efficiently.

Pros

ZenGRC is great for our team since we have one contract with a lot of requirements. The software gave us the ability to customize without the added costs with other off-the-shelter software.

Cons

Although this is a minor concern, I wish the software would allow for renaming the main attributes. We use different terminology from the software and is confusing for some of the users.

JM
AvatarImg

Julie M.

Higher Education, 1,001-5,000 employees

Used weekly for 2+ years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend9/10

Share this review:

Reciprocity is an invaluable partner in meeting our data management needs.

Reviewed 6 years ago
Pros

The ability to customize the use of the software to meet our unique needs. The technical folks also understand our use case and suggest different ways for us to think about our data and how best to represent it. I like way the system has matured and is tying various elements together (like audit and risk). Customer service is excellent and I really, really like having the same person to deal with all the time. This eliminates having to re-explain your data set to the next help desk guy.

Cons

While many of the changes to the system have been helpful, the constant changes can be hard to keep up with and difficult to plan how to expand our use of the system.

PA
AvatarImg

Pramod A.

Insurance, 1,001-5,000 employees

Used daily for 1-2 years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

I have been actively using this tool for my PCI and SOC2 audit. This a great workflow tool.

Reviewed 6 years ago

I am able to manage multiple audits and collect and test evidences from different customer with less amount of manual work.l

Pros

Managing multiple audits in one platform in the past we used to track our communication via email and in spreadsheet and now we can have log of each communication via this tool.

Cons

Audit manager are not able to choose the request template based on the different types of audit frameworks.

WD
AvatarImg

William D.

Hospital & Health Care, 201-500 employees

Used daily for less than 6 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

Best Governance, Risk and Compliance tool on the market

Reviewed 7 years ago

ZenGRC is the easiest to use, and most flexible, GRC tool on the market. It is simple enough that even small organizations will find it useful, but powerful enough to help the largest of companies. Its power comes from the way it links objects to each other. Controls, objectives, threats, risks, systems, vendors, customers, contracts, etc. are all cross linked to each other. And best of all, Reciprocity...

Pros

Ease of use Relationships of objects Standards library

Cons

No cons were added to this review

LC
AvatarImg

Leo C.

Gambling & Casinos, 1,001-5,000 employees

Used daily for 6-12 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend10/10

Share this review:

Best GRC tool I have used. It's easy and user friendly for risk and compliance requirements

Reviewed 7 years ago

It does everything I need in a fraction of the time. It is efficient and very easy to navigate around.

Pros

Easy to set up and begin recording and reporting on risks. All our compliance requirements in one central place and accessable by a few clicks of a button.

Cons

It needs more reporting and visual features as my target audience need more graphs and items to show different risk profiles, risk appetite, thresholds etc

AR
AvatarImg

Verified reviewer

Events Services, 51-200 employees

Used monthly for 2+ years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend7/10

Share this review:

Great Compliance / Audit Tool

Reviewed 6 years ago

Automating our audit and compliance issues into one platform that is easily accessible when needed to pull these files.

Pros

This tool is very user friendly and navigation is around. It gives us one single platform to keep our audits managed efficiently and easily accessed if needed. We now have a tracking system for our compliance issues to resolve them swiftly and avoid fines and penalties to stay compliant. This tool has been a great organizational tool with many features to save time with tedious audits.

Cons

There could be more reporting features available. There seems to be a lot of editing involved to download and/or export documents. If this was a built in feature with this software that would be helpful.

GK
AvatarImg

Gerald K.

Computer Software, 201-500 employees

Used weekly for 6-12 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend8/10

Share this review:

Great especially for multiple certifications

Reviewed 4 years ago

Great support and team. We've been able to very easily translate a lot of the work we've done for one certification (ISO) to another regime (HIPAA), identify changes and gaps, and be ready for an audit under the new regime.

Pros

Helps to map requirements and controls from multiple certification regimes over to others so you don't spend a lot of time duplicating and re-documenting work. You can do certain core things once and have it covered for everything.

Cons

The various levels of concepts are bit confusing, especially as some of the frameworks have to be imported, and you have to decide which frameworks to use up front, without a lot of context about what the differences are.

AB
AvatarImg

Ankit B.

5,001-10,000 employees

Used weekly for 1-2 years

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend8/10

Share this review:

Great GRC Tool

Reviewed 6 years ago

Great Tool Overall

Pros

It gives me everything I need in regards to dashboards, heatmaps and condensing all of my risks and regulations. The evidence collection and workflows replaced what was an otherwise tedious and duplicative process with JIRA tickets.

Cons

Needs more reporting functions and different dashboard types A fair amount of things you have to edit by exporting to CSV, editing in your favorite spreadsheet app, then re-importing, so it would be nice if some of that functionality was built into the U

DL
AvatarImg

Dana L.

Used daily for 6-12 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support

Share this review:

ZenGRC is the perfect solution for our compliance and audit teams at our tech company

Reviewed 7 years ago
Pros

ZenGRC has a nice user interface and is fairly intuitive to use. I can't tell you how many horrible GRC tools I've used. ZenGRC is refreshing.

Cons

I would love to see a way to use ZenGRC as a tool to automate audit workprograms, testing, spreadsheets and reporting.

AS
AvatarImg

Al S.

Food & Beverages, 1-10 employees

Used weekly for less than 6 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support
  • Likelihood to recommend8/10

Share this review:

Inventory control

Reviewed 2 years ago

I like the product the issue I have you are not given person to person training. Getting someone to call back is like pulling a tooth

Pros

It is a good product but lack customer service

Cons

It would be great to have a product that can communicate with the pos and produce the prep list per day

DK
AvatarImg

David K.

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support

Share this review:

Audit Management Made Easy

Reviewed 7 years ago

ZenGRC has been a great help for managing our assessments. The system is flexible, easy to use and constantly improving with regular updates.

Pros

No pros were added to this review

Cons

No cons were added to this review

Vendor response

Thanks for submitting your review! We're pleased to hear that you are getting a lot of value out of ZenGRC.

GB
AvatarImg

Gemma B.

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support

Share this review:

Streamlining issue management

Reviewed 7 years ago

We used to spend a ton of time sending emails to manage issue tracking and resolution for audits. ZenGRC makes tracking issues incredibly simple.

Pros

No pros were added to this review

Cons

No cons were added to this review

AR
AvatarImg

Verified reviewer

Financial Services, 501-1,000 employees

Used other for less than 6 months

Review source

Overall Rating
  • Value for money
  • Ease of use
  • Features
  • Customer support

Share this review:

Great customization for GRC software

Reviewed 6 years ago
Pros

Software has a simple user interface which is easy to use and customize. This exceeds expectations compared to its competitors.

Cons

The reporting side could be better. I did like to see more metric visuals based on the target audience